|
291311
|
- |
|
canonical
djangoproject
|
ubuntu_linux
django
|
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not proper…
|
CWE-399
Resource Management Errors
|
CVE-2014-0474
|
2024-11-21 11:02 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291312
|
- |
|
djangoproject
canonical
|
django
ubuntu_linux
|
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached CSRF token for all anonymous users, which allows remote attackers to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0473
|
2024-11-21 11:02 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291313
|
- |
|
djangoproject
canonical
|
django
ubuntu_linux
|
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Pyth…
|
CWE-94
Code Injection
|
CVE-2014-0472
|
2024-11-21 11:02 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291314
|
- |
|
progea
|
movicon
|
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.
|
CWE-200
Information Exposure
|
CVE-2014-0778
|
2024-11-21 11:02 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291315
|
- |
|
emc
|
cloud_tiering_appliance_software
cloud_tiering_appliance
file_management_appliance_software
file_management_appliance
|
EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-depen…
|
CWE-255
Credentials Management
|
CVE-2014-0645
|
2024-11-21 11:02 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291316
|
- |
|
emc
|
cloud_tiering_appliance_software
cloud_tiering_appliance
|
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity r…
|
CWE-200
Information Exposure
|
CVE-2014-0644
|
2024-11-21 11:02 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291317
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin C…
|
NVD-CWE-noinfo
|
CVE-2014-0465
|
2024-11-21 11:02 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291318
|
- |
|
oracle
|
jdk
jre
|
Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0463.
|
NVD-CWE-noinfo
|
CVE-2014-0464
|
2024-11-21 11:02 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291319
|
- |
|
oracle
|
jdk
jre
|
Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0464.
|
NVD-CWE-noinfo
|
CVE-2014-0463
|
2024-11-21 11:02 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291320
|
- |
|
canonical
oracle
debian
ibm
|
ubuntu_linux
jdk
jre
debian_linux
forms_viewer
|
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to…
|
NVD-CWE-noinfo
|
CVE-2014-0461
|
2024-11-21 11:02 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
